Enables secure API key management through environment variables, supporting configuration of the Shodan API key and other server settings.
Hosts the repository for the Shodan MCP Server, allowing users to clone the project for installation.
Provides the runtime environment for the MCP server, with version 14 or higher required to run the Shodan integration.
Used for package management and dependency installation, with version 6 or higher required for the Shodan MCP server.
A Model Context Protocol (MCP) server that provides access to Shodan's internet scanning capabilities through a standardized interface.
This server implements the Model Context Protocol to expose Shodan's powerful internet scanning and reconnaissance capabilities. It provides a standardized interface for querying Shodan's database of internet-connected devices, services, and vulnerabilities.
Search Capabilities: Query Shodan's database using advanced search filters
DNS Lookup: Resolve domain names and get detailed DNS information
CVE Information: Get detailed information about Common Vulnerabilities and Exposures
Get Vulnerabilities: Get detailed infor Vulnerabilities related to an IP address
Standardized Interface: Uses MCP protocol for consistent communication
Environment Variable Support: Secure API key management through environment variables
Node.js (v14 or higher)
npm (v6 or higher)
Shodan API key
Clone the repository:
Install dependencies:
Create a .env.local file in the root directory and add your Shodan API key:
Build the server:
Start the server:
Search Tool
Query: Search for devices and services using Shodan's search syntax
Example: log4j country:US city:Atlanta
Returns: List of matching devices with detailed information
DNS Lookup Tool
Query: Domain name to resolve
Example: example.com
Returns: DNS records and related information
CVE Info Tool
Query: CVE identifier
Example: CVE-2021-44228
Returns: Detailed vulnerability information
You can use the MCP inspector to interact with the server directly:
Install the MCP inspector:
Run the inspector with your server:
The inspector provides an interactive interface to:
Test all available tools
View tool documentation
Debug server responses
Monitor server status
SHODAN_API_KEY: Your Shodan API key (required)
PORT: Server port (optional, defaults to 3000)
LOG_LEVEL: Logging level (optional, defaults to 'info')
The server implements comprehensive error handling for:
Invalid API keys
Rate limiting
Network issues
Invalid queries
Server errors
API Key Protection:
Never commit API keys to version control
Use environment variables for sensitive data
Rotate API keys regularly
Rate Limiting:
Respect Shodan's API rate limits
Implement client-side rate limiting
Data Privacy:
Filter sensitive information from responses
Implement access controls as needed
This project is licensed under the MIT License - see the LICENSE file for details.
Shodan for providing the API
Model Context Protocol team for the MCP specification
This server cannot be installed
remote-capable server
The server can be hosted and run remotely because it primarily relies on remote services or has no dependency on the local environment.
This is a Model Context Protocol (MCP) server that provides access to the Shodan API. It allows you to programmatically query Shodan for information about devices, vulnerabilities, and more.
We provide all the information about MCP servers via our MCP API.
curl -X GET 'https://glama.ai/api/mcp/v1/servers/X3r0K/Shodan-MCP-Server-Inspector'
If you have feedback or need assistance with the MCP directory API, please join our Discord server